Transcription

2 Agenda What is DIRECT and why do I care? You ve convinced me. How do I enroll? How do I set up DIRECT in OP? How do I send and receive DIRECT messages in OP? Is there enough time left for a live demo? Q&A

3 What is DIRECT? From the DIRECT charter document: The DIRECT Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted protected health information (PHI) directly to known, trusted recipients over the Internet DIRECT messages go from one healthcare provider to another, just like regular . Unlike HIEs, there is no intermediate repository and no copies are retained anywhere except the sender and receiver systems. All 2014 Certified EHR Technology must support DIRECT

4 I already have . Why do I need another address? Regular is not necessarily secure at rest is not necessarily encrypted in transit does not guarantee the identity of the sender does not guarantee the identity of the recipient is not attached to the patient chart DIRECT messaging solves all of these problems HISPs (Health Information Service Providers) handle all messages securely through trust anchors senders and recipients must be identity-proofed tightly integrated with EHR

5 Avoiding the HIPAA Police Preconditions of trust Sender has assurance receiver is who they claim to be Receiver has same level of assurance in sender Both have assurance that message content was not modified in transit Exposure to PHI is under complete control of sender and receiver

6 Let s swap keys. That s still legal, right? S/MIME = sender private key + receiver public key Sender ensures that only intended receiver can view the content, through use of the receiver's private key to decrypt the data Receiver ensures that the content arrived as sent by the sender, through use of the sender's signature Both parties ensure that they trust the identity assurance and other certificate issuance policies of the sender and receiver's certification authorities

7 Cool! Sign me up! Not so fast. How do I know I can I trust you? Identity-proofing documents Articles of incorporation NPIDs Passports Driver licenses

8 Introducing EMR Direct: Office Practicum s DIRECT Partner EMR Direct is a HISP for numerous EHR vendors accountable to the HIPAA Security Rule must have contractually binding legal agreements with the sender or receiver of directed exchange of PHI, including all terms and conditions required in a BAA uses trust anchors to determine that it is safe to exchange messages with other HISPs sends private messages over the public Internet protected by strong encryption

12 Choosing your DIRECT address If your organization already has an you can create a subdomain for DIRECT Advantages: recognized at a glance by colleagues, contains the word direct to indicate special purpose Disadvantages: one-time upfront fee, may require your IT provider to reconfigure your Internet name services

13 Choosing your DIRECT address If your organization doesn t have its own domain, or if you don t want to spend the extra money on a custom subdomain, OP can create a unique subdomain under opdirect.net: Advantages: immediate availability, don t have buy a unique primary domain if you have no need for one, still contains the word direct to indicate special purpose Disadvantages: looks different from non-secure addresses that you may already use

14 DIRECT Address Rules Every provider must have a unique address - no sharing! Nurses and non-clinical users may also request addresses, subject to identity-proofing Generic addresses (i.e., referrals, medical-records ) are allowed but discouraged. If used, they must be assigned to a specific individual at any given time. Only one address per user - you cannot be associated with both an individual address and a generic address Addresses are paid for on a month-by-month basis and may be added and removed as needed at any time

15 Setting Up DIRECT Addresses in OP DIRECT addresses go in your OP Address Book, underneath the existing non-secure address field In order to send DIRECT messages, you must have a valid DIRECT in the Address Book DIRECT messages may only be sent to recipients who are listed in your OP Address Book with a valid DIRECT address In order to receive DIRECT messages, the sender must be matched to a listing in your OP Address Book with a valid DIRECT address that you recognize

16 Setting Up DIRECT Addresses in OP

17 Sending DIRECT Messages from OP DIRECT messages are created on the same New Message Form as all other OP messages When you create a message, if you have a valid DIRECT address, then the list of possible recipients in the To dropdown will include everyone outside your practice with a valid DIRECT address New messages may be addressed to a combination of internal and external providers, but external replies only come back to the original sender As with internal messages, external DIRECT messages and replies are captured to the patient chart

18 Sending DIRECT Messages from OP

19 Receiving DIRECT Messages in OP Inbound DIRECT messages from external providers are placed on a separate tab in the existing Message Center New unread DIRECT messages will turn the Message phone red, with a distinct unread count in the icon DIRECT messages from external providers may be replied to like any other message Unsolicited external DIRECT messages (those which are not in reply to a message you originated) may be associated with a patient chart when appropriate

20 Receiving DIRECT Messages in OP

21 Receiving DIRECT Referrals in OP External DIRECT messages may include attachments Attachments appear in a new column on the right side of the Responses pane When you click on an attachment, it is opened in the correct viewer, based on its type (image, PDF, etc.) Clinical documents open in a special viewer which lets you read the report, then clinically reconcile any information you would like to incorporate back into the patient chart without manual retyping

22 Receiving DIRECT Referrals in OP

23 Sending DIRECT Referrals from OP Meaningful Use Stage 2 requires that 50% of outbound transitions of care be transmitted electronically with a copy of patient records When you create a new Referral Letter, the options at the bottom of the form will include a [Send] button if you have a DIRECT address The [Send] button creates a CDA (electronic document with patient records) and opens a New Message with the CDA as an attachment You can add your own message text and choose anyone in your Address Book with a valid DIRECT address

24 Sending DIRECT Referrals from OP

25 VDT Implications VDT sounds like - but is not - a new form of an STI (although it may give you a virus if you re not careful!) View, Download, Transmit - actions patients must be allowed to perform on demand using your OP Portal Transmit requires both a Sender and a Receiver Sender - portal preference: either patient s named PCP, or a single DIRECT address under your control from which all transmissions are seen to originate Receiver - list of outside providers (not on staff) with a valid DIRECT address and checkmarked as Public

26 A Communications Revolution in the Making DIRECT is nascent, but MU2 transition-of-care requirement will drive rapid adoption as all EHR users upgrade to compatible software Ability to send routine, secure messages within the healthcare provider community is long overdue Sending and receiving clinical documents as attachments is much faster and more convenient than faxes and paper mail Enrollment takes time and effort - start planning now!

Direct Secure Messaging: Improving the Secure and Interoperable Exchange of Health Information Within the healthcare industry, the exchange of protected health information (PHI) is governed by regulations

Guide to Meaningful Use Stage 2 September, 2013 Introduction This document describes the following Core Measure requirements that are needed in order to be compatible with Meaningful Use Stage 2. Meaningful

Direct Secure Messaging Communicating in the Healthcare World Andy Nieto, Health IT Strategist, DataMotion Agenda Email and Direct in healthcare, a little history So what is Direct, really Certificates

RPost Outlook Quick Start Guide This document outlines the steps to send an email using the RPost services and a brief description of the features available with the RPost add-in for Microsoft Outlook.

Making Sense of Meaningful Use: Stage 2 1 Who are we? Purdue Healthcare Advisors (PHA)*, a business unit of Purdue University, specializes in affordable assistance to organizations that share our passion

PHS-Connect Users Group Forum November 7, 2013 Agenda Introductions and Opening Remarks PHS-Connect Update Direction of PHS-Connect What can PHS-Connect Do for Me and My EMR Secure Messaging for MU2 and

The Ribbon: Home tab New Email to send a new mail New Items to send a new mail, a new appointment, a new meeting, a new contact, a new task, a new Lync Meeting Ignore to ignore a request Clean Up to clean

Navigating the Trends in Health Care Today MEDITECH Solutions for Meaningful Use and Interoperability Certification Update EHRs Meeting ONC 2014 Standards "There is no such thing as being 'Stage 1 Certified'

Provider Help Guide for NIST EHR Randomizer Tool Purpose of the EHR Randomizer: As part of the third measure for the Meaningful Use Stage 2 Transitions of Care Objective, Eligible Providers and Eligible

How to Achieve Meaningful Use with ICANotes Meaningful use involves using an EHR in a way that the government has defined as meaningful to collect incentive payments. but do not participate. Note: If you

Quarantine Central for end users: FAQs About is a leading hosted email services company. Founded in 1994, was one of the first companies to offer hosted email security services to the North American market.

Who are we? Purdue Healthcare Advisors (PHA)*, a business unit of Purdue University, specializes in affordable assistance to organizations that share our passion for healthcare transformation. We bring

Options for encrypted e-mail communication with AUDI AG Version of: 31 May 2011 1 Options for encrypted e-mail communication with AUDI AG Confidential information may only be transmitted in encrypted form

E-Mail Electronic Mail There are two types of mail services. MS Outlook Express: Basics Lesson Notes Author: Pamela Schmidt 1. Mail is generated on the users systems. The user then ties into their Internet

Patient Portal Training Manual The Patient Portal is a secure website that will allow patients to access medical information from the Electronic Medical Record (EMR), send messages to their providers or

E-mail Encryption SecurenCrypt e-mail encryption was designed to work as a plug-in with Microsoft Outlook. The following instructions are geared toward users encrypting e-mail with Outlook. However, throughout

Meaningful Use Dashboard Calculation Guide Learn how to use Practice Fusion s Meaningful Use Dashboard to help you achieve Meaningful Use. For more information, visit the Meaningful Use Center. General

Using Your New Webmail Table of Contents Composing a New Message... 2 Adding Attachments to a Message... 4 Inserting a Hyperlink... 6 Searching For Messages... 8 Downloading Email from a POP3 Account...

How to Configure Outlook 2003 to connect to Exchange 2010 Outlook 2003 will install and work correctly on any version of Windows XP, Vista, Windows 7 or Windows 8. These instructions describe how to setup

Progress is defined not so much by the invention of new technology, but by our ability to use it for solving problems and reaching our objectives. Indeed, today s ever-changing world of healthcare requires

1 Bank of Hawaii Protecting Confidential Email Email is commonly used to transmit confidential information such as operational data, legal documents, or financial information. By default emails are sent

Electronic Health Records and the ASC California Ambulatory Surgery Association September 12, 2013 Office of National Coordinator As both public and private payers take concrete steps to change the incentives

SendSafe Secure Email By the end of the course, you will be able to: Recognize the importance of encrypting email Identify items for encryption Encrypt email Manage blocked email Advise recipients on retrieving

This checklist provides a look into Ohio s Medicaid Provider Incentive Program (MPIP) system for eligible professionals and may be used as a guide to help eligible professionals gather information that

Medical Privacy Version 2015.04.13 Account Restrictions Agreement [ARA] - Required by LuxSci HIPAA Accounts In order for Lux Scientiae, Incorporated (LuxSci) to ensure the security and privacy of all Electronic

Known/Unresolved issues: Browser Scan to e-mail Creating Help Desk tickets for the scan-to-email issue is no longer necessary. A member of MIS will follow up with each office to determine scan-to-email

2013 Meaningful Use Dashboard Calculation Guide Learn how to use Practice Fusion s Meaningful Use Dashboard to help you achieve Meaningful Use. For more information, visit the Meaningful Use Center. General

EHR Incentive Programs A program administered by the Centers for Medicare & Medicaid Services (CMS) Eligible Professional s Guide to STAGE 2 of the EHR Incentive Programs September 2013 TABLE OF CONTENTS...

Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure

Class C Email One-Time Set-up Instructions IMPORTANT! Please print this document and the email message it came with so you can activate your Email account on Day 1 of the Email Conversion. Overview Congratulations!

1 Bank of Hawaii Protecting Confidential Email Email is commonly used to transmit confidential information such as operational data, legal documents, or financial information. By default emails are sent

Customer Success Story Health Unity Health Unity and ClearDATA partner to help a large IDN achieve Meaningful Use Page 2 of 5 Health Unity and ClearDATA Partner to Help a Large IDN Achieve Meaningful Use

Of EHRs and Meaningful Use Pat Wise, RN, MA, MS FHIMSS COL (USA ret d) VP, Healthcare Information Systems, HIMSS 1 MU: Where We are Today From www.cms.gov As of the end of January 31, 2013: >210,000 EPs

Let's Begin: Log In and Set Up Security Questions To start, you can log in from the ProMailSource home page. Sending an Encrypted/Unencrypted Message Every message you send through ProMailSource is automatically

IMPORTANT: This Scotiabank Student GIC Program Guide outlines program and product details effective August 18, 2014. If you are set-up under the old program (Cashable GIC opened prior to May 1, 2014) and

White Paper PointClickCare Interoperability - 2014 Interoperability: In healthcare, interoperability is where multiple technology platforms and software applications are able to connect, communicate, and

State Level Registration for Eligible Professionals (EP) 2014 - All Program Years Medicaid Electronic Health Record (EHR) Incentive Program February 2014 (Version 3.2) 1 Table of Contents First Year Providers...